<?php
require '../data/data.php';
session_start();

// 未登录，跳转到登录页面
if (!isset($_SESSION['user']) || empty($_SESSION['user'])) {
   header('Location:../signin.php');
   return;
}

$user = $_SESSION['user'];
$userName = $user['user_name'];
$content = isset($_POST['content']) ? htmlspecialchars($_POST['content']) : '';
$hasError = false;
if (trim($content) == '') {
  $hasError = true;
  $errorBag['error'] = '留言信息不能为空';
  $_SESSION['has_error'] = $hasError;
  $_SESSION['error_bag'] = $errorBag;
  header('Location:../public/index.php');
  return;
}

$sql = 'insert into messages(user_name,content,created_at) values(?,?,now())';
execute($sql, [$userName, $content]);
header('Location:../index.php');
